From: Jeff Garzik <jeff@garzik.org>
To: Dave Airlie <airlied@gmail.com>
Cc: Jon Smirl <jonsmirl@gmail.com>,
Jesse Barnes <jbarnes@virtuousgeek.org>,
Jesse Barnes <jesse.barnes@intel.com>,
linux-kernel@vger.kernel.org,
"Antonino A. Daplas" <adaplas@gmail.com>
Subject: Re: [RFC] enhancing the kernel's graphics subsystem
Date: Tue, 22 May 2007 04:16:57 -0400 [thread overview]
Message-ID: <4652A6F9.1040502@garzik.org> (raw)
In-Reply-To: <21d7e9970705220107mc096135nc26af32830d83646@mail.gmail.com>
Dave Airlie wrote:
>> It is a quite sensible idea.
>>
>> The userspace X server SHOULD be running under a non-root user, with
>> appropriate fine-grained privs granted to it.
>>
>> "I need root to do graphics" is a myopic, antiquated view of the world.
>
> Did I say the X server? There are policy decisions that are root only
> also authorisation of processes to render etc..
Root only today, maybe, but this thread is talking about future
directions. Don't lock your design into a coarse-grained security model.
> I'm not sure we can punt all that in-kernel.
See my response to Alan.
Jeff
next prev parent reply other threads:[~2007-05-22 8:17 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-05-17 21:23 [RFC] enhancing the kernel's graphics subsystem Jesse Barnes
2007-05-17 22:32 ` [PATCH 1/3] allow console unregistration Jesse Barnes
2007-05-17 22:47 ` Jesse Barnes
2007-05-17 23:23 ` Antonino A. Daplas
2007-05-18 0:56 ` Jesse Barnes
2007-05-22 21:43 ` [PATCH 1/2] " Jesse Barnes
2007-05-23 0:49 ` Antonino A. Daplas
2007-05-22 21:44 ` [PATCH 2/2] make fbcon unregister when unloaded Jesse Barnes
2007-05-22 22:05 ` Randy Dunlap
2007-05-22 22:14 ` Jesse Barnes
2007-05-23 0:47 ` Antonino A. Daplas
2007-05-30 0:00 ` [PATCH 1/3] allow console unregistration Antonino A. Daplas
2007-05-30 6:26 ` Geert Uytterhoeven
2007-05-17 22:37 ` [PATCH 2/3] drm modesetting core Jesse Barnes
2007-05-17 22:48 ` Jesse Barnes
2007-05-17 23:41 ` Luca Tettamanti
2007-05-18 1:04 ` Jesse Barnes
2007-05-18 19:33 ` Luca Tettamanti
2007-05-18 21:06 ` Jesse Barnes
2007-05-17 22:40 ` [PATCH 3/3] Intel support for DRM modesetting Jesse Barnes
2007-05-17 22:48 ` Jesse Barnes
2007-05-20 17:42 ` [RFC] enhancing the kernel's graphics subsystem Jon Smirl
2007-05-20 23:10 ` Jesse Barnes
2007-05-21 0:47 ` Jon Smirl
2007-05-21 1:29 ` Jeff Garzik
2007-05-21 15:34 ` Jon Smirl
2007-05-21 16:15 ` Arjan van de Ven
2007-05-21 15:09 ` Jesse Barnes
2007-05-21 16:01 ` Jon Smirl
2007-05-21 16:14 ` Jesse Barnes
2007-05-21 16:34 ` Jesse Barnes
2007-05-21 17:05 ` Jon Smirl
2007-05-21 17:14 ` Dave Airlie
2007-05-21 17:29 ` Jon Smirl
2007-05-21 17:42 ` Jon Smirl
2007-05-21 17:47 ` Dave Airlie
2007-05-21 18:04 ` Jon Smirl
2007-05-21 18:44 ` Dave Airlie
2007-05-21 19:10 ` Jon Smirl
2007-05-21 19:20 ` Dave Airlie
2007-05-21 23:24 ` Jeff Garzik
2007-05-22 0:08 ` Jon Smirl
2007-05-22 0:20 ` Benjamin Herrenschmidt
2007-05-21 23:21 ` Jeff Garzik
2007-05-22 0:35 ` Alan Cox
2007-05-22 0:33 ` Jeff Garzik
2007-05-22 0:45 ` Jon Smirl
2007-05-22 0:56 ` Jon Smirl
2007-05-22 8:21 ` Dave Airlie
2007-05-22 8:07 ` Dave Airlie
2007-05-22 8:16 ` Jeff Garzik [this message]
2007-05-22 8:27 ` Dave Airlie
2007-05-22 16:06 ` Jon Smirl
2007-05-22 16:19 ` Alan Cox
2007-05-22 16:34 ` Jeff Garzik
2007-05-22 0:15 ` Benjamin Herrenschmidt
2007-05-21 17:32 ` Jesse Barnes
2007-05-21 23:18 ` Jeff Garzik
2007-05-22 0:26 ` Jon Smirl
2007-05-22 1:56 ` Jesse Barnes
2007-05-22 14:27 ` Jon Smirl
2007-05-22 14:35 ` Dave Airlie
2007-05-22 15:13 ` Jon Smirl
2007-05-22 17:25 ` Dave Airlie
2007-05-22 19:58 ` Jon Smirl
2007-05-28 20:12 ` Pavel Machek
2007-05-28 20:57 ` Jon Smirl
2007-05-29 14:26 ` Pavel Machek
2007-05-29 16:51 ` Jon Smirl
2007-05-22 14:54 ` Alan Cox
2007-05-22 15:16 ` Jon Smirl
2007-05-22 15:46 ` Jesse Barnes
2007-05-22 16:02 ` Jon Smirl
2007-05-22 16:14 ` Alan Cox
2007-05-22 16:15 ` Jesse Barnes
2007-05-22 16:32 ` Jon Smirl
2007-05-22 16:35 ` Jeff Garzik
2007-05-22 16:51 ` Jesse Barnes
2007-05-22 15:59 ` Matthew Garrett
2007-05-21 16:16 ` Dave Airlie
2007-05-21 8:27 ` Dave Airlie
2007-05-21 9:09 ` Helge Hafting
2007-05-21 9:27 ` Dave Airlie
2007-05-21 9:44 ` Helge Hafting
2007-05-21 15:57 ` Jesse Barnes
2007-05-21 16:07 ` Jon Smirl
2007-05-21 16:27 ` Dave Airlie
2007-05-21 16:50 ` Xavier Bestel
2007-05-22 0:09 ` Benjamin Herrenschmidt
2007-05-22 0:51 ` Keith Packard
2007-05-22 2:48 ` Benjamin Herrenschmidt
2007-05-22 15:39 ` Jesse Barnes
2007-05-22 23:26 ` Benjamin Herrenschmidt
2007-05-22 23:36 ` Jesse Barnes
2007-05-23 0:40 ` Antonino A. Daplas
2007-05-23 12:19 ` Helge Hafting
2007-05-22 16:29 ` Philipp Klaus Krause
2007-05-22 16:57 ` Jesse Barnes
2007-05-22 18:18 ` Dave Airlie
2007-05-22 2:56 ` l l
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4652A6F9.1040502@garzik.org \
--to=jeff@garzik.org \
--cc=adaplas@gmail.com \
--cc=airlied@gmail.com \
--cc=jbarnes@virtuousgeek.org \
--cc=jesse.barnes@intel.com \
--cc=jonsmirl@gmail.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.